Two new security flaws have been discovered in Microsoft's Internet Explorer browser, and one of them may also...
affect its open source rival, Firefox.
Exploit code for the flaws had already been published on the internet, said the SANS Internet Storm Center security research website, although it added that so far no attacks had been launched using this code.
Attackers can take advantage of the IE and Firefox flaw by using cross-site scripting. The technique enables hackers to view the contents of an open window from a second window open on the user's system. The data can then be stolen.
The number of security flaws that affect both IE and Firefox is slowly rising, as Firefox gains in popularity.
Rogue code writers see Firefox as an increasingly attractive target now that it has more than 10% market share. IE has around 85% of the browser market
The second IE flaw is related to the way certain applications are processed. A user could be tricked into double-clicking on a malicious file, and remote code executed by remote attackers, who could take over the system.
Both Microsoft and Mozilla Foundation are considering issuing patches for the reported problems.